X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=man%2Fsysusers.d.xml;h=1e079b21110397fcc80bce07048a0c276bb27c72;hb=0dd25fb9f005d8ab7ac4bc10a609d00569f8c56a;hp=af31ec078dd3dbe189280c0dca94b1f4325795b9;hpb=21236ab51082668914b933041893a1cf45218a3d;p=elogind.git
diff --git a/man/sysusers.d.xml b/man/sysusers.d.xml
index af31ec078..1e079b211 100644
--- a/man/sysusers.d.xml
+++ b/man/sysusers.d.xml
@@ -53,32 +53,28 @@
Description
systemd-sysusers uses the
- files from /usr/lib/sysusers.d/
+ files from sysusers.d directory
to create system users and groups at package
- installation or boot time. This tool may be used for
- allocating system users and groups only, it is not
+ installation or boot time. This tool may be used to
+ allocate system users and groups only, it is not
useful for creating non-system users and groups, as it
- accessed /etc/passwd and
+ accesses /etc/passwd and
/etc/group directly, bypassing
- any more complex user database, for example any
+ any more complex user databases, for example any
database involving NIS or LDAP.
-
- File Format
-
- Each file shall be named in the style of
- package.conf.
+ Configuration Format
- All files are sorted by their filename in
- lexicographic order, regardless of which of the
- directories they reside in. If multiple files specify
- the same user or group, the entry in the file with the
- lexicographically earliest name will be applied, all
- all other conflicting entries will be logged as
- errors. Users and groups are
- processed in the order they are listed.
+ Each configuration file shall be named in the
+ style of
+ package.conf
+ or
+ package-part.conf.
+ The second variant should be used when it is desirable
+ to make it easy to override just this part of
+ configuration.
The file format is one line per user or group
containing name, ID and GECOS field description:
@@ -86,7 +82,8 @@
# Type Name ID GECOS
u httpd 440 "HTTP User"
u authd /usr/bin/authd "Authorization user"
-g input - -
+g input - -
+m authd input
Type
@@ -105,7 +102,7 @@ g input - -
group will be set to the group
bearing the same name. The
user's shell will be set to
- /sbin/login,
+ /sbin/nologin,
the home directory to
/. The
account will be created
@@ -125,6 +122,15 @@ g input - -
created with no password
set.
+
+
+ m
+ Add a user to
+ a group. If the user or group
+ are not existing yet, they
+ will be implicitly
+ created.
+
@@ -132,7 +138,7 @@ g input - -
Name
The name field specifies the user or
- group name. It should be be shorter than 256
+ group name. It should be be shorter than 31
characters and avoid any non-ASCII characters,
and not begin with a numeric character. It is
strongly recommended to pick user and group
@@ -141,13 +147,18 @@ g input - -
scheme to guarantee this is by prefixing all
system and group names with the underscore,
and avoiding too generic names.
+
+ For m lines this
+ field should contain the user name to add to a
+ group.
ID
- The numeric 32bit UID or GID of the
- user/group. Do not use IDs 65535 or
+ For u and
+ g the numeric 32bit UID or
+ GID of the user/group. Do not use IDs 65535 or
4294967295, as they have special placeholder
meanings. Specify "-" for automatic UID/GID
allocation for the user or
@@ -157,6 +168,10 @@ g input - -
useful to create users whose UID/GID match the
owners of pre-existing files (such as SUID or
SGID binaries).
+
+ For m lines this
+ field should contain the group name to add to
+ a user to.
@@ -165,15 +180,48 @@ g input - -
A short, descriptive string for users to
be created, enclosed in quotation marks. Note
that this field may not contain colons.
+
+ Only applies to lines of type
+ u and should otherwise be
+ left unset.
+
+ Overriding vendor configuration
+
+ Note that systemd-sysusers
+ will do nothing if the specified users or groups
+ already exist, so normally there no reason to override
+ sysusers.d vendor configuration,
+ except to block certain users or groups from being
+ created.
+
+ Files in /etc/sysusers.d
+ override files with the same name in
+ /usr/lib/sysusers.d and
+ /run/sysusers.d. Files in
+ /run/sysusers.d override files
+ with the same name in
+ /usr/lib/sysusers.d. The scheme is the same as for
+ tmpfiles.d5,
+ except for the directory name.
+
+ If the administrator wants to disable a
+ configuration file supplied by the vendor, the
+ recommended way is to place a symlink to
+ /dev/null in
+ /etc/sysusers.d/ bearing the
+ same filename.
+
+
See Also
systemd1,
- systemd-sysusers8
+ systemd-sysusers8,
+ tmpfiles.d5